There's a bug in the CGI servlet. What happens is: I have an HTML form which is transmitted via POST request. Two parameters are passed: email and action what should arrive is: email=peterb%40sbox.tugraz.at action=Login When perl gets the request the second parameter is truncated [EMAIL PROTECTED] action=Log This happens only if the first parameter contains the "@" character. I suppose the same bug affects the TunnelServlet too. I already informed Orion support about that some time ago, but didn't get a response, and 1.4.7 still doesn't correct this issue. For us this trivial bug is absolutely critical because we need to have orion handle requests and SSL in the front. Certain apps (the IMP PHP webmail) should be tunneled to apache, which still doesn't work! Other URL-encoded characters don't seem to have a negative effect, but the "@" causes the problem with the following parameter. I read on the list that also others have had problems with the Tunnel Servlet and POST requests. Maybe we can track down the bug a bit deeper. I entered it in Bugzilla as Bug Nr. 387 and hope that it finally will be taken care of. Regards, Peter